---
title: "FreeBSD 4.9-RELEASE Errata"
sidenav: download
---

++++


<h3 class="CORPAUTHOR">The FreeBSD Project</h3>

<p class="COPYRIGHT">Copyright &copy; 2000, 2001, 2002, 2003 The FreeBSD Documentation
Project</p>

<p class="PUBDATE">$FreeBSD: src/release/doc/en_US.ISO8859-1/errata/article.sgml,v
1.1.2.122 2004/03/30 18:18:34 kensmith Exp $<br />
</p>

<div class="LEGALNOTICE"><a id="TRADEMARKS" name="TRADEMARKS"></a>
<p>FreeBSD is a registered trademark of Wind River Systems, Inc. This is expected to
change soon.</p>

<p>Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or
registered trademarks of Intel Corporation or its subsidiaries in the United States and
other countries.</p>

<p>Many of the designations used by manufacturers and sellers to distinguish their
products are claimed as trademarks. Where those designations appear in this document, and
the FreeBSD Project was aware of the trademark claim, the designations have been followed
by the ``&trade;'' or the ``&reg;'' symbol.</p>
</div>

<hr />
</div>

<blockquote class="ABSTRACT">
<div class="ABSTRACT"><a id="AEN18" name="AEN18"></a>
<p>This document lists errata items for FreeBSD 4.9-RELEASE, containing significant
information discovered after the release or too late in the release cycle to be otherwise
included in the release documentation. This information includes security advisories, as
well as news relating to the software or documentation that could affect its operation or
usability. An up-to-date version of this document should always be consulted before
installing this version of FreeBSD.</p>

<p>This errata document for FreeBSD 4.9-RELEASE will be maintained until the release of
FreeBSD 4.10-RELEASE.</p>
</div>
</blockquote>

<div class="SECT1">
<hr />
<h2 class="SECT1"><a id="AEN21" name="AEN21">1 Introduction</a></h2>

<p>This errata document contains ``late-breaking news'' about FreeBSD 4.9-RELEASE. Before
installing this version, it is important to consult this document to learn about any
post-release discoveries or problems that may already have been found and fixed.</p>

<p>Any version of this errata document actually distributed with the release (for
example, on a CDROM distribution) will be out of date by definition, but other copies are
kept updated on the Internet and should be consulted as the ``current errata'' for this
release. These other copies of the errata are located at <a
href="http://www.FreeBSD.org/releases/"
target="_top">http://www.FreeBSD.org/releases/</a>, plus any sites which keep up-to-date
mirrors of this location.</p>

<p>Source and binary snapshots of FreeBSD 4-STABLE also contain up-to-date copies of this
document (as of the time of the snapshot).</p>

<p>For a list of all FreeBSD CERT security advisories, see <a
href="http://www.FreeBSD.org/security/"
target="_top">http://www.FreeBSD.org/security/</a> or <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/"
target="_top">ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/</a>.</p>
</div>

<div class="SECT1">
<hr />
<h2 class="SECT1"><a id="AEN32" name="AEN32">2 Security Advisories</a></h2>

<p>(5 Dec 2003) <b class="APPLICATION">BIND</b> contains the potential for a
denial-of-service attack. This vulnerability has been addressed by a vendor patch on the
4.9-RELEASE security fix branch and by the import of a new version to the 4-STABLE
development branch. For more information, see <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:19.bind.asc"
target="_top">FreeBSD-SA-03:19</a>.</p>

<p>(8 Feb 2004) A bug with the System V Shared Memory interface (specifically the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=shmat&sektion=2&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">shmat</span>(2)</span></a> system
call) can cause a shared memory segment to reference unallocated kernel memory. In turn,
this can permit a local attacker to gain unauthorized access to parts of kernel memory,
possibly resulting in disclosure of sensitive information, bypass of access control
mechanisms, or privilege escalation. More details, including bugfix and workaround
information, can be found in security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:02.shmat.asc"
target="_top">FreeBSD-SA-04:02</a>.</p>

<p>(4 Mar 2004) It is possible for a remote attacker to conduct a low-bandwidth
denial-of-service attack against a machine providing TCP-based services, filling up the
target's memory buffers and potentially leading to a system crash. This vulnerability has
been addressed on the FreeBSD 4.9-RELEASE security fix branch. Security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:04.tcp.asc"
target="_top">FreeBSD-SA-04:04</a> contains more details, as well as information on
patching existing systems.</p>

<p>(17 Mar 2004) By performing a specially crafted SSL/TLS handshake with an application
that uses OpenSSL a null pointer may be dereferenced. This may in turn cause the
application to crash, resulting in a denial of service attack. For more information see
the Security Advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
target="_top">FreeBSD-SA-04:05</a> which contains more details and instructions on how to
patch existing systems.</p>
</div>

<div class="SECT1">
<hr />
<h2 class="SECT1"><a id="AEN46" name="AEN46">3 Late-Breaking News</a></h2>

<p>(28 Oct 2003) Very late in the release cycle, a change was made to the HyperThreading
(HTT) support on <span class="TRADEMARK">Intel</span>&reg; processors. HTT support is now
enabled by default on SMP-capable kernels; as a result, the <var
class="LITERAL">HTT</var> kernel option is unnecessary and has been removed. The extra
logical CPUs are always started so that they can handle interrupts, but are prevented
from executing user processes by default. To enable the logical CPUs, change the value of
the <var class="VARNAME">machdep.hlt_logical_cpus</var> <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sysctl&sektion=8&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sysctl</span>(8)</span></a>
variable from <var class="LITERAL">1</var> to <var class="LITERAL">0</var>. This value
can also be set from the loader as a tunable of the same name. This behavior is now
identical to FreeBSD 5.<var class="REPLACEABLE">X</var>.</p>

<p>(29 Oct 2003) Some of the packages contained in the first CD-ROM depend on different
versions of the <b class="APPLICATION">OpenLDAP</b> packages, which cannot co-exist on
the same host. One manifestation of this problem is that it is not possible to install
both the <a href="http://www.FreeBSD.org/cgi/url.cgi?ports/x11/gnome2/pkg-descr"><tt
class="FILENAME">x11/gnome2</tt></a> and <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/x11/kde3/pkg-descr"><tt
class="FILENAME">x11/kde3</tt></a> packages.</p>

<p>(30 Oct 2003) It appears that the <tt class="FILENAME">crypto</tt> distribution is
required for correct functioning of the FreeBSD base system. At the very least, the
libraries contained in the <tt class="FILENAME">crypto</tt> distribution are required for
<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=pkg_add&sektion=1&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">pkg_add</span>(1)</span></a>.</p>

<p>(30 Oct 2003) There are known cases of fairly-recent i386 machines with BIOSes that do
not support booting from emulation mode El Torito CDROMs. This prevents booting from the
FreeBSD 4.9-STABLE CDROMs. As a workaround, download the floppy disk images, use them to
boot the machine into <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sysinstall</span>(8)</span></a>,
and then do a CDROM install. This problem does not seem to be wide-spread as of this
writing.</p>

<div class="NOTE">
<blockquote class="NOTE">
<p><b>Note:</b> FreeBSD 5.<var class="REPLACEABLE">X</var> uses non-emulation El Torito
booting on its CDROM releases by default. These, of course, cannot be booted on very old
i386 machines that only support emulation mode.</p>
</blockquote>
</div>

<br />
<br />
<p>(10 Nov 2003) An update was made to the <var class="LITERAL">xterm</var> entry in the
<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=termcap&sektion=5&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">termcap</span>(5)</span></a>
database which, among other things, removed the (already deprecated) <var
class="LITERAL">bs</var> backspacing capability. The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=hack&sektion=6&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">hack</span>(6)</span></a> game
appears to depend on this capability and hence fails when run from inside a window with a
terminal type of <var class="LITERAL">xterm</var>.</p>

<p>(10 Nov 2003) Tagged queueing in the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ata&sektion=4&manpath=FreeBSD+4.8-stable"><span
 class="CITEREFENTRY"><span class="REFENTRYTITLE">ata</span>(4)</span></a> driver is
broken and appears to cause kernel panics.</p>
</div>
</div>

<hr />
<p align="center"><small>This file, and other release-related documents, can be
downloaded from <a
href="http://snapshots.jp.FreeBSD.org/">http://snapshots.jp.FreeBSD.org/</a>.</small></p>

<p align="center"><small>For questions about FreeBSD, read the <a
href="http://www.FreeBSD.org/docs.html">documentation</a> before contacting &#60;<a
href="mailto:questions@FreeBSD.org">questions@FreeBSD.org</a>&#62;.</small></p>

<p align="center"><small><small>All users of FreeBSD 4-STABLE should subscribe to the
&#60;<a href="mailto:stable@FreeBSD.org">stable@FreeBSD.org</a>&#62; mailing
list.</small></small></p>

<p align="center">For questions about this documentation, e-mail &#60;<a
href="mailto:doc@FreeBSD.org">doc@FreeBSD.org</a>&#62;.</p>

<br />
<br />
++++


